Hi,
I just created a VueJS app and I’m using Capacitor to generate both iOS and Android applications.
At the begining, I was using the “fetch” javascript method to make any http requests. It worked fine.
I wanted to use CapacitorHttp because it seems to be better to use in Capacitor applications.
On iOS, I have no issue, the origin is “capacitor://localhost”
On Android though, the origin is not sent in the http request, and, then, in my server, I have “undefined” in “origin”.
I tried few things:
- Add hostname in the capacitor.config.ts => no luck
- Manually set origin during my http requests => no luck (and bad)
Here is an example of a GET request I do
CapacitorHttp.get({
url: url,
headers: headers,
webFetchExtra: { credentials: ‘include’ },
})
Someone has an idea?
Thanks,
Laurent
I don’t have an answer to your specific issue but I wouldn’t say CapacitorHttp is better. I recommend using standard fetch or XMLHttpRequest if possible. CapacitorHttp was created primarily to get around CORS issues when making requests to 3rd party APIs that don’t allow requests from localhost and this is the last resort. CapacitorHttp actually adds some latency due to having to serialize/unserialize requests/responses between the web layer and native layer.
Right ok, thanks for your answer
Though, that’s precisely a CORS issue I have as the origin is empty… interesting.
Anyway, I choose to use CapacitorHttp because I read few things that say that it handles server Set-Cookie because it doesn’t work on iOS
For a XSRF token, it doesn’t make sense to return the token in the body, so, I would prefer to not have to change my server just for that…
I’ll still investigate, but I’ll probably forget CapacitorHttp as fetch API is working super great.
If you are using CapacitorHttp, then it wouldn’t be a CORS issue as CORS doesn’t exist in native land 
Yes, it can handle setting Cookies but using Cookies are not recommended in a native app. See Capacitor iOS / Cookie Authentication / capacitor/http - #10 by dallas
That’s the thing… my server app is expecting to have an origin… But yeah it’s really “web centric” and not “native app centric”, I agree… I should probably allow empty “origin” for mobile app…
Thanks for the read !! Really appreciate your quickly answers
Though, Cookies is a great mechanisme to ensure that something is coming from the server and isn’t manipulate by anything else… the fact that "they are pretty non-existent " in the native world doesn’t mean we don’t have to use them…
Though (bis), I agree that we can have a different mechanism, no worries